OKX could lose MiCA license as EU probes use of its Web3 tools to launder Bybit hack funds: report

European regulators are allegedly probing OKX's decentralized trading and self-custody offerings, which were used by North Korea's Lazarus Group to launder funds from the $1.5 billion Bybit hack in February."European crypto regulators" allegedly discussed the crypto exchange at a European Securities and Markets Authority’s Digital Finance Standing Committee meeting on March 6, according to a Bloomberg report on Tuesday citing people familiar with the matter. According to the report, several agencies, including regulators from across the the EU's 27 member nations, as well as watchdogs like the European Securities and Markets Authority and European Banking Authority were in attendance.During the meeting, the regulators reportedly raised questions over whether OKX's permissionless tools fall afoul of the European Union's Markets in Crypto Assets (MiCA) guidelines. Although the rules, which went into full effect at the end of last year, have carve outs for decentralized applications, some regulators allegedly claimed OKX’s Web3 service should be encompassed by MiCA. OKX denied the accusations it is being investigated by authorities on its official X account. The exchange reportedly faces penalties including losing its MiCA license, which it received in February. OKX noted its non-custodial web3 offerings are "no different" than what's "offered by other industry players."Laundered funds?Earlier this month, Bybit CEO Ben Zhou claimed that at least $100 million in assets moved through OKX's web3 platforms. The Lazarus Group, connected to the North Korean state, has used dozens of protocols and mixers to move the stolen funds — with many security researchers noting the sophistication of the laundering operation. It's thought that 20% of total amount stolen has "gone dark.""OKX Web3 wallet is a pure self custody software, as everybody knows," OKX CEO Xu Mingxing said on social media, arguing that there is little the exchange can do to assist in rescuing funds despite the "technical controls" it implemented to block IPs of users from prohibited countries. "I can’t understand why bybit keeps making this ridiculous statement without showing understanding of basic facts about self custody technology."The firm stated it froze Bybit-associated funds flowing into its centralized exchange, and that it has collaborated with law enforcement and Bybit's legal team. Mingxing also stated its incident response team has "offered technical support" to Bybit researchers and built a tool to track the hacker’s latest addresses in realtime. "Regardless of what others do or say, we take our commitment to compliance seriously," OKX President Hong Fang said on X. Bybit's roughly $1.5 billion hack on Feb. 21 is the largest cryptocurrency exploit to date. The Lazarus hackers compromised Safe wallet infrastructure to seize Bybit's Ethereum cold wallet, The Block previously reported. OKX is one of the largest centralized crypto exchanges, bringing in $108.6 billion in spot market volume in February, The Block's Data Dashboard shows. Last month the exchange agreed to pay more than $504 million in penalties after pleading guilty for serving U.S. customers without a license. Disclaimer: The Block is an independent media outlet that delivers news, research, and data. As of November 2023, Foresight Ventures is a majority investor of The Block. Foresight Ventures invests in other companies in the crypto space. Crypto exchange Bitget is an anchor LP for Foresight Ventures. The Block continues to operate independently to deliver objective, impactful, and timely information about the crypto industry. Here are our current financial disclosures.© 2025 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.